Commit 6e301e40b2db8a1ca4aa1d15e69142d8cf7d3794
1 parent
a75df161
KTS-2178
"cross site scripting" Updated. Reviewed By: Kevin Fourie git-svn-id: https://kt-dms.svn.sourceforge.net/svnroot/kt-dms/trunk@6953 c91229c3-7414-0410-bfa2-8a42b809f60b
Showing
1 changed file
with
1 additions
and
1 deletions
templates/ktcore/dashlets/checkedout.smarty
| ... | ... | @@ -2,7 +2,7 @@ |
| 2 | 2 | {if (!empty($documents))} |
| 3 | 3 | <dl> |
| 4 | 4 | {foreach item=oDocument from=$documents} |
| 5 | - <dt>{$oDocument->getName()} | <a href="{$context->getDocumentLink($oDocument)}">{i18n}View Document{/i18n}</a></dt> | |
| 5 | + <dt>{$oDocument->getName()|sanitize} | <a href="{$context->getDocumentLink($oDocument)}">{i18n}View Document{/i18n}</a></dt> | |
| 6 | 6 | {/foreach} |
| 7 | 7 | </ul> |
| 8 | 8 | {else} | ... | ... |